account-garena.com Open in urlscan Pro
198.252.103.9 Malicious Activity! Public Scan

URL:
http://account-garena.com/
Submission: On August 25 via api (August 25th 2017, 3:02:43 pm UTC) from CA

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 13 HTTP transactions. The main IP is 198.252.103.9, located in Chantilly, United States and belongs to SOFTLAYER - SoftLayer Technologies Inc., US. The main domain is account-garena.com.

This is the only time account-garena.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Garena Free Fire (Gaming)

Domain & IP information

	IP Address	AS Autonomous System
1	198.252.103.9 198.252.103.9	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
5	203.116.173.105 203.116.173.105	4657 (STARHUBIN...) (STARHUBINTERNET-AS StarHub Internet Exchange)
1	2a00:1450:401... 2a00:1450:401b:801::2004	15169 (GOOGLE) (GOOGLE - Google Inc.)
5	2.20.189.137 2.20.189.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
13	5

1 198.252.103.9 (Chantilly, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 198.252.103.9-static.reverse.arandomserver.com

account-garena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 203.116.173.105 (Singapore, Singapore)

ASN4657 (STARHUBINTERNET-AS StarHub Internet Exchange, SG)
PTR: cloudvps105.everseiko.com.sg

sso.garena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:801::2004 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.20.189.137 (European Union)

ASN20940 (AKAMAI-ASN1, US)

cdn.garenanow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	garenanow.com cdn.garenanow.com	8 KB
5	garena.com sso.garena.com	24 KB
1	googleapis.com ajax.googleapis.com	29 KB
1	google.com www.google.com	6 KB
1	account-garena.com account-garena.com	2 KB
13	5

	Domain	Requested by
5	cdn.garenanow.com	account-garena.com
5	sso.garena.com	account-garena.com ajax.googleapis.com
1	ajax.googleapis.com	www.google.com
1	www.google.com	account-garena.com
1	account-garena.com
13	5

This site contains links to these domains. Also see Links.

Domain
nhanquagarena.top

Subject Issuer	Validity	Valid
sso.garena.com COMODO RSA Domain Validation Secure Server CA	`2017-06-02` - `2019-06-02`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://account-garena.com/
Frame ID: 10359.1
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

13
Requests

38 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

69 kB
Transfer

175 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://nhanquagarena.top/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
account-garena.com/ 5 KB
2 KB 742ms
332ms Document
text/html 198.252.103.9
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://account-garena.com/
Protocol: HTTP/1.1
Server: 198.252.103.9 Chantilly, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 198.252.103.9-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/5.6.31
Resource Hash: 72665b106e83624a87b4629a8eac9ca2da1f9598bc743ee8667e46f7522fb164

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2017 15:02:31 GMT
Content-Encoding: gzip
Server: LiteSpeed
X-Powered-By: PHP/5.6.31
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Accept-Ranges: bytes
Content-Length: 1913
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK sso.css
sso.garena.com/css/ 24 KB
6 KB 645ms
208ms Stylesheet
text/css 203.116.173.105
STARHUBINTERNET-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.garena.com/css/sso.css?v=0.47
Requested by: Host: account-garena.com
URL: http://account-garena.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.116.173.105 Singapore, Singapore, ASN4657 (STARHUBINTERNET-AS StarHub Internet Exchange, SG),
Reverse DNS: cloudvps105.everseiko.com.sg
Software: /
Resource Hash: 33e00abdae0b7f4e5927133b79b8322917a025d2bc897f6107ffdc18fcc07d4a

Request headers

Referer: http://account-garena.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Fri, 25 Aug 2017 15:02:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 May 2017 10:54:46 GMT
ETag: W/"5922c376-5e2e"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 24 Sep 2017 15:02:32 GMT

GET
H/1.1 200
OK jsapi Show response
www.google.com/ 25 KB
6 KB 64ms
44ms Script
text/javascript 2a00:1450:401b:801::2004
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/jsapi

Requested by

Host: account-garena.com
URL: http://account-garena.com/

Protocol

HTTP/1.1

Server

2a00:1450:401b:801::2004 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

GSE /

Resource Hash

d8a4b8a143ea6ff99769b9b1ac35636b839249c4b5661aba4fe0321866baca14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://account-garena.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Fri, 25 Aug 2017 15:02:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: GSE
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: private, max-age=3600, must-revalidate
Vary: Accept-Encoding
Content-Length: 6152
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Aug 2017 15:02:31 GMT

GET
H/1.1 200
OK jsbn.js Show response
cdn.garenanow.com/webmain/static/js/ 15 KB
5 KB 293ms
288ms Script
application/x-javascript 2.20.189.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.garenanow.com/webmain/static/js/jsbn.js
Requested by: Host: account-garena.com
URL: http://account-garena.com/
Protocol: HTTP/1.1
Server: 2.20.189.137 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 61de67d61cf9977a30ebbd11f82570d4472620e3e15af06e4c6564d96faa091a

Request headers

Referer: http://account-garena.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Fri, 25 Aug 2017 15:02:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2012 05:47:24 GMT
Server: Apache
ETag: "2a4325e2473367762683c8cfaa431e5e:1337147244"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5125

GET
H/1.1 200
OK prng4.js Show response
cdn.garenanow.com/webmain/static/js/ 1009 B
478 B 191ms
186ms Script
application/x-javascript 2.20.189.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.garenanow.com/webmain/static/js/prng4.js
Requested by: Host: account-garena.com
URL: http://account-garena.com/
Protocol: HTTP/1.1
Server: 2.20.189.137 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 9f27554859db05d776233142664db7d65867d6b52e9ada830c7e2fe50df91718

Request headers

Referer: http://account-garena.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Fri, 25 Aug 2017 15:02:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2012 05:47:18 GMT
Server: Apache
ETag: "e5918399f7a38295d617eb78ccfb255b:1337147238"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 478

GET
H/1.1 200
OK rng.js Show response
cdn.garenanow.com/webmain/static/js/ 2 KB
811 B 232ms
226ms Script
application/x-javascript 2.20.189.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.garenanow.com/webmain/static/js/rng.js
Requested by: Host: account-garena.com
URL: http://account-garena.com/
Protocol: HTTP/1.1
Server: 2.20.189.137 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 13a4bbc07313a1f6cd9adf38adbb512c63369e7e99ffc9477de764dd3e88f174

Request headers

Referer: http://account-garena.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Fri, 25 Aug 2017 15:02:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2012 05:47:15 GMT
Server: Apache
ETag: "015302b7d458a2d1804caceba805be3f:1337147236"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 811

GET
H/1.1 200
OK rsa.js Show response
cdn.garenanow.com/webmain/static/js/ 3 KB
1 KB 194ms
189ms Script
application/x-javascript 2.20.189.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.garenanow.com/webmain/static/js/rsa.js
Requested by: Host: account-garena.com
URL: http://account-garena.com/
Protocol: HTTP/1.1
Server: 2.20.189.137 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: e35376a7e422bfacb8c2d2e2b797cee63ac6db16471f4348ae356db0f5294208

Request headers

Referer: http://account-garena.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Fri, 25 Aug 2017 15:02:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2012 05:47:10 GMT
Server: Apache
ETag: "850577550a13eb3b22c72912b3a67fa8:1337147230"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1088

GET
H/1.1 200
OK grsa.js Show response
cdn.garenanow.com/webmain/static/js/ 670 B
670 B 200ms
195ms Script
application/x-javascript 2.20.189.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.garenanow.com/webmain/static/js/grsa.js
Requested by: Host: account-garena.com
URL: http://account-garena.com/
Protocol: HTTP/1.1
Server: 2.20.189.137 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 65a247c842f47fe4b62e399f94b3aa46382320934fef8ef77609e6dad3515a4c

Request headers

Referer: http://account-garena.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Fri, 25 Aug 2017 15:02:32 GMT
Last-Modified: Wed, 16 May 2012 05:47:32 GMT
Server: Apache
ETag: "2c89fbf72de22e91cb119f387b35f3de:1337147252"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 670

GET
H/1.1 200
OK header_garena.png
sso.garena.com/images/ 11 KB
11 KB 561ms
210ms Image
image/png 203.116.173.105
STARHUBINTERNET-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sso.garena.com/images/header_garena.png
Requested by: Host: account-garena.com
URL: http://account-garena.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.116.173.105 Singapore, Singapore, ASN4657 (STARHUBINTERNET-AS StarHub Internet Exchange, SG),
Reverse DNS: cloudvps105.everseiko.com.sg
Software: /
Resource Hash: 3a2e97410c23def10b030c03197a1546fa4b65e1607123a529c84df853486015

Request headers

Referer: http://account-garena.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Fri, 25 Aug 2017 15:02:32 GMT
Last-Modified: Mon, 22 May 2017 10:54:46 GMT
ETag: "5922c376-2bc6"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11206
Expires: Sun, 24 Sep 2017 15:02:32 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.5.0/ 82 KB
29 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:81e::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.5.0/jquery.min.js

Requested by

Host: www.google.com
URL: http://www.google.com/jsapi

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

229278f6a9c1c27fc55bec50f06548fe64c2629f59f462d50cac28e65bb93a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://account-garena.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 07 Aug 2017 09:42:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 1574414
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29519
X-XSS-Protection: 1; mode=block
Expires: Tue, 07 Aug 2018 09:42:18 GMT

GET
H/1.1 200
OK bg.png
sso.garena.com/images/ 2 KB
2 KB 216ms
202ms Image
image/png 203.116.173.105
STARHUBINTERNET-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sso.garena.com/images/bg.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.116.173.105 Singapore, Singapore, ASN4657 (STARHUBINTERNET-AS StarHub Internet Exchange, SG),
Reverse DNS: cloudvps105.everseiko.com.sg
Software: /
Resource Hash: 55ff8578db3a7e8d57214fb961b4c908ce5fd4bf66a53be77d989b1b16d82410

Request headers

Referer: https://sso.garena.com/css/sso.css?v=0.47
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Fri, 25 Aug 2017 15:02:32 GMT
Last-Modified: Mon, 22 May 2017 10:54:46 GMT
ETag: "5922c376-60e"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1550
Expires: Sun, 24 Sep 2017 15:02:32 GMT

GET
H/1.1 200
OK earth.png
sso.garena.com/images/ 522 B
522 B 379ms
210ms Image
image/png 203.116.173.105
STARHUBINTERNET-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sso.garena.com/images/earth.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.116.173.105 Singapore, Singapore, ASN4657 (STARHUBINTERNET-AS StarHub Internet Exchange, SG),
Reverse DNS: cloudvps105.everseiko.com.sg
Software: /
Resource Hash: 85af81f91c93450bb15d6f7f75ca7e96fcbda0b12cc4a6fb9bf04bff4783600c

Request headers

Referer: https://sso.garena.com/css/sso.css?v=0.47
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Fri, 25 Aug 2017 15:02:32 GMT
Last-Modified: Mon, 22 May 2017 10:54:46 GMT
ETag: "5922c376-20a"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 522
Expires: Sun, 24 Sep 2017 15:02:32 GMT

GET
H/1.1 200
OK logo-facebook.png
sso.garena.com/images/ 6 KB
6 KB 417ms
202ms Image
image/png 203.116.173.105
STARHUBINTERNET-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sso.garena.com/images/logo-facebook.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.116.173.105 Singapore, Singapore, ASN4657 (STARHUBINTERNET-AS StarHub Internet Exchange, SG),
Reverse DNS: cloudvps105.everseiko.com.sg
Software: /
Resource Hash: bf7207bcd39f56d9113027d68b8ad4fda3afb3520ff27e4e261061054a20ef0a

Request headers

Referer: https://sso.garena.com/css/sso.css?v=0.47
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Fri, 25 Aug 2017 15:02:32 GMT
Last-Modified: Mon, 22 May 2017 10:54:46 GMT
ETag: "5922c376-16d1"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5841
Expires: Sun, 24 Sep 2017 15:02:32 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Garena Free Fire (Gaming)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			account-garena.com/	1970-01-01 00:00:00	Name: PHPSESSID Value: l3s32krn3ivfimn5rfaa8rfgb0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account-garena.com
ajax.googleapis.com
cdn.garenanow.com
sso.garena.com
www.google.com
198.252.103.9
2.20.189.137
203.116.173.105
2a00:1450:4001:81e::200a
2a00:1450:401b:801::2004
13a4bbc07313a1f6cd9adf38adbb512c63369e7e99ffc9477de764dd3e88f174
229278f6a9c1c27fc55bec50f06548fe64c2629f59f462d50cac28e65bb93a83
33e00abdae0b7f4e5927133b79b8322917a025d2bc897f6107ffdc18fcc07d4a
3a2e97410c23def10b030c03197a1546fa4b65e1607123a529c84df853486015
55ff8578db3a7e8d57214fb961b4c908ce5fd4bf66a53be77d989b1b16d82410
61de67d61cf9977a30ebbd11f82570d4472620e3e15af06e4c6564d96faa091a
65a247c842f47fe4b62e399f94b3aa46382320934fef8ef77609e6dad3515a4c
72665b106e83624a87b4629a8eac9ca2da1f9598bc743ee8667e46f7522fb164
85af81f91c93450bb15d6f7f75ca7e96fcbda0b12cc4a6fb9bf04bff4783600c
9f27554859db05d776233142664db7d65867d6b52e9ada830c7e2fe50df91718
bf7207bcd39f56d9113027d68b8ad4fda3afb3520ff27e4e261061054a20ef0a
d8a4b8a143ea6ff99769b9b1ac35636b839249c4b5661aba4fe0321866baca14
e35376a7e422bfacb8c2d2e2b797cee63ac6db16471f4348ae356db0f5294208

account-garena.com Open in urlscan Pro 198.252.103.9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

13 Requests

38 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

4 Countries

69 kBTransfer

175 kBSize

1 Cookies

1 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

account-garena.com Open in urlscan Pro
198.252.103.9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

38 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

69 kB
Transfer

175 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!